maicol07/laravel-oidc-client
Composer 安装命令:
composer require maicol07/laravel-oidc-client
包简介
OpenID Connect Client for Laravel
README 文档
README
A Laravel package for delegating authentication to an OpenID Provider.
This package is an heavenly modified fork of cabinetoffice / oidc-client — Bitbucket
Requirements
- PHP 8.3+
- Laravel 11+
- Composer 2
Installation
Begin by adding this package to your depedencies with the command:
composer require maicol07/laravel-oidc-client
If you have opted out from auto discovery, you'll need to add the following line to the list of registered service
providers in config/app.php:
Maicol07\OIDCClient\OIDCServiceProvider::class
Edit your config/auth.php file to use OpenID as the authentication method for your users:
'guards' => [ 'web' => [ 'driver' => 'oidc', ... ], ... ],
Configuration
You can set the following environment variables to adjust the package settings:
OIDC_CLIENT_ID: Client ID of your app. This is commonly provided by your OIDC provider.OIDC_CLIENT_SECRET: Client secret of your app. This is commonly provided by your OIDC provider.OIDC_PROVIDER_URL: URL of your OIDC provider. This is used if your provider supports OIDC Auto Discovery.OIDC_CALLBACK_ROUTE: A path (with or without leading slash) to append to the provider name, to make the callback route path. Defaults tocallbackExample with the default values:oidc/callback(oidc/+OIDC_CALLBACK_ROUTE_PATH)OIDC_VERIFY: Verify SSL when sending requests to the server. Defaults totrue. (Optional: You can setOIDC_CERT_PATHto an SSL certificate path if you set this option tofalse)OIDC_HTTP_PROXY: If you have a proxy, set it here.OIDC_SCOPES: A list of scopes, separated by a space (). Defaults to['openid']. Example of valid value:openid emailOIDC_AUTHORIZATION_ENDPOINT_QUERY_PARAMS: A list of query parameters to add to the authorization endpoint encoded as a JSON object. Example of valid value:{"response_type":"code"}OIDC_DISABLE_STATE_MIDDLEWARE_FOR_POST_CALLBACK: A boolean to disable the registration of theOIDCStateMiddlewaremiddleware.
This middleware rebuilds the session token held in thestateparameter of aPOSTrequest to thecallbackroute.
You can find other options to set and their env variables in config/oidc.php. Note that some options are not
required (like endpoints) if you use OIDC auto discovery!
You can also publish the config file (config/oidc.php) if you want:
php artisan vendor:publish --provider="Maicol07\OIDCClient\OIDCServiceProvider"
How to use
Once everything is set up, you can replace your login system with a call to the route route('oidc.login'). For
logouts, use the route route('oidc.logout').
You can set the following environment variables to specify the routes/URLs you want your users to be redirected to upon
successful authentication/logout: OIDC_REDIRECT_PATH_AFTER_LOGIN and OIDC_REDIRECT_PATH_AFTER_LOGOUT.
You should add the Maicol07\OIDCClient\Models\Traits\LogsInWithOidc to your User model if you want to use the
get the mapping relation.
Customizing user mappings
You can customize how the user information received from the OIDC provider is mapped to your User model by
overriding the mapOIDCUserinfo method from the LogsInWithOidc trait in your User model.
Here's an example of how to do this:
use Maicol07\OIDCClient\Models\Traits\LogsInWithOidc; use Maicol07\OIDCClient\Models\OIDCUserinfo; use Illuminate\Foundation\Auth\User as Authenticatable; use Illuminate\Notifications\Notifiable; use Laravel\Sanctum\HasApiTokens; use Illuminate\Database\Eloquent\Factories\HasFactory; class User extends Authenticatable { use HasApiTokens, HasFactory, Notifiable, LogsInWithOidc; // Other model properties and methods... /** * Map OIDC UserInfo attributes to User model attributes. * * This method can be overridden in the User model to customize the mapping. * * @param string $issuer The OIDC issuer. * @param UserInfo $user_info The OIDC UserInfo object. * @param OidcAuthMapping $mapping The OIDC Auth Mapping instance. */ public function mapOIDCUserinfo(string $issuer, UserInfo $user_info, OidcAuthMapping $mapping): void { // Custom mapping logic here $this->name = $user_info->get('name', $this->name); $this->email = $user_info->get('email', $this->email); // Add more mappings as needed } }
Originally developed by Cabinet Office Digital Development in October 2019.
Currently maintained by maicol07 from October 2021
maicol07/laravel-oidc-client 适用场景与选型建议
maicol07/laravel-oidc-client 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 1.28k 次下载、GitHub Stars 达 27, 最近一次更新时间为 2021 年 10 月 27 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「OpenId」 「Authentication」 「oauth2」 「SSO」 「laravel」 「oidc」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 maicol07/laravel-oidc-client 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 maicol07/laravel-oidc-client 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 maicol07/laravel-oidc-client 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Automatically logs-in users if they are already authenticated by a remote source. (e.g. environment variable REMOTE_USER)
GraphQL authentication for your headless Craft CMS applications.
Ory-Hydra OAuth 2.0 Client Provider for The PHP League OAuth2-Client
Bare-bones OpenID Connect client
A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API.
Customize JWT claims in Laravel Passport access tokens
统计信息
- 总下载量: 1.28k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 27
- 点击次数: 12
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2021-10-27